banks

Phishers get nabbed

Thu, 22 May 2008 06:59:59 -0400

Thirty-eight people in the U.S. and Romania have been charged in two federal indictments, alleging they used a complicated Internet phishing scheme to steal thousands of credit and debit card numbers, and then tap into bank ATMs to obtain cash.

The targets were both individuals and hundreds of financial institutions, a reminder to CIOs and their IT departments to remain vigilant and to make sure employees know the risks and do not respond to bogus emails seeking personal or company information.

In the indictments coming out of California and Connecticut, federal authorities said schemes were run by individuals with ties to organized crime, and targeted banks and other companies including Citibank, Capital One and PayPal.

For more on these indictments:
- see this pcworld.com article

SaaS to the rescue

Thu, 22 May 2008 06:59:57 -0400

Beverly Magda,the Humane Society's CIO, writes in InformationWeek how her organization's fundraising efforts have been aided by new IT applications to support secure credit card transactions.

Turning to SaaS, she said the animal advocacy organization instituted an on-demand compliance service called QualysGuard to provide a reliable, automated way to conduct independent network security audits and securely transmit compliance reports to acquiring banks.

"SaaS opened our eyes to a new way of doing things. With QualysGuard, we didn't need to install any software or infrastructure. QualysGuard runs on Qualys' own secure global infrastructure, so we run security audits on-demand over the Internet with a standard web browser," she said.

To read more:
- see this InformationWeek.com article

Congress backtracking on Internet gambling

Thu, 24 Apr 2008 06:59:59 -0400

Some members of Congress, backed by financial institutions, are trying to enact legislation that would stop the Treasury Department from adopting regulations to enforce a federal ban on Internet gambling. The 2006 Unlawful Internet Gambling Enforcement Act calls for criminal and civil penalties for banks, credit card companies and others that process payments to gambling web sites. But the Treasury Department is having a hard time writing the regulations and the banks are balking at having to enforce the law.

The financial institutions claim it would be a nightmare to be forced to use their computerized payment systems to determine which customer activities are legal and which are not and argue they don't want to police the Internet. Legislation backed by Rep. Barney Frank, chairman of the House Committee on Financial Services, would stop the Treasury from writing or implementing regulations to carry out the 2006 law.

For more on this dispute:
- Check out this InformationWeek article

Financial IT could face slowdown

Mon, 24 Mar 2008 07:59:59 -0400

Financial services IT may be the next sector to face cutbacks in the volatile economic climate that has already taken down Bear Stearns. Analysts anticipate the overall IT spending in the financial industry to either flatten or fall. "For some larger banks, IT budgets could be down by as much as 15%," depending on their degree of exposure to the subprime mortgage mess, says David Easthope, at research company Celent. There is some good news, too, however. Some technology areas, such as risk management software and high-speed, low-latency network infrastructure for obtaining market data and making instantaneous trades, will continue to rake in IT dollars.

For more on the pending downturn in financial IT:
- See this InformationWeek article

Cybercrime on the rise

Mon, 03 Dec 2007 07:00:00 -0500

The FBI recently announced the arrest and prosecution of several cybercrime cases against individuals accused of defrauding banks, companies and consumers. It is part of an FBI probe called "Operation Bot Roast." And it is just the beginning of a crackdown into the compromise of two million PCs attacked by at least 10 individuals.

It's pretty scary when you look at the kind of cases being prosecuted. A 21-year-old student at the University of Pennsylvania was recently indicted for orchestrating attacks from a botnet of 50,000 PCs against various online chat networks. The scheme had a very far reach--the student was charged with working with an individual from New Zealand. Meanwhile, a 27-year-old Tacoma, Wash., resident pleaded guilty in September to maintaining a botnet of hundreds of thousands of compromised PCs. He rented them out to spammers and people who wanted to use the bot network to take websites offline.

There are plenty of others, too. This may sound a bit like Bonnie and Clyde or the Wild West, but the reality is these are now new types of crimes that did not exist a decade ago. It's important for every CIO to remember that your network is not just your own. You probably keep your door locked at night and park your car in a safe location. With these new kind of cybercrimes, it's important to remember that law enforcement may not know what is coming next until a successful attack has been launched. Will you be the next victim?

ALSO: For a look at what's coming down the road for CIOs, check out this week's special report on eDiscovery, a legal issue that involves preserving and keeping track of electronic documents, including email, in the event of a court order to turn the material over in a lawsuit.-Judi

Phishers more organized and dangerous

Sun, 16 Jul 2006 20:01:38 -0400

Everyone's pretty aware of how sophisticated phishers are getting these days, and now it's obvious they're also getting pretty business savvy, as they're developing scams specific to industries such as banking. According to one research firm, online criminals are discovering ways to get around the two-way authentication systems many banks have put in place by focusing on the token systems used to provide temporary passwords to online customers. The scam lures users into giving up the password information so phishers can then gain account and data access. As one security expert notes, the latest phishing scam shows criminals are getting much more organized in their attack strategies.

For more on the latest phishing scam:
- see this article at InfoWorld

ALSO NOTED: July is the month of browser bugs; Banks roll out biometric, RFID to boost security; and much more...

Wed, 05 Jul 2006 20:01:33 -0400

> July is the month of browser bugs. Article

> Banks roll out biometric, RFID to boost security. Article

> The top five things to know about VoIP before deployment. Article

> Free WiFi taking root in New York parks. Article

> IBM boosting investment and staffing in its Ireland campus. Article

> Telcom vendors push out 7,000 new hotspots in the U.S. Article

And Finally... An outsourcer takes its operations out to sea. Article

JPMorgan banks on tech to boost business

Wed, 14 Jun 2006 20:01:36 -0400

Technology development is a high priority at JPMorgan Chase as it revamps its network, pours about $1 billion into consolidation of data centers and pushes out better customer service technologies. It's hoping that all the investment, time and new tech strategy will not only boost revenue and cut costs but also move the company out of the efficiency slide it's been in. Among the top 10 banks, JPMorgan ranks the lowest in overhead efficiency ratio and return on equity.

For more on the company's tech approach:
- check out this article at BusinessWeek